<?php

session_start();

include ("../includes/connection.php");

if(isset($_SESSION["logged_in"])) {
    //display index
    ?>
        <html lang="en">
        <head>
            <meta charset="UTF-8">
            <title>CMS</title>
            <link rel="stylesheet" href="../assets/style.css" media="all">
        </head>
        <body>
            <div class="container">
                <a id="logo" href="index.php">CMS</a>

                <br>
                <ol>
                    <li><a href="add.php">Add Article</a></li>
                    <li><a href="delete.php">Delete Article</a></li>
                    <li><a href="logout.php">Logout</a></li>
                </ol>
            </div>
        </body>
    
    <?php
} else {
    // display login
    if (isset($_POST["username"], $_POST["password"]) ){
        $username = $_POST["username"];
        $password = md5( $_POST["password"] );

            if (empty($username) or empty($password)){
                $error = "all filed are required";
            } else {
                $query = $pdo->prepare("SELECT * FROM users WHERE user_name = ? AND user_password = ?");
                $query->bindValue(1, $username);
                $query->bindValue(2, $password);

                $query->execute();

                $num= $query->rowCount();

                if ($num == 1 ) {
                    // user entered correct details
                    $_SESSION["logged_in"] = true;
                    header("Location: index.php");
                    exit();

                } else {
                    // user entered false details
                    $error = "Incorrect details!";
                }

            }
    }
?>

<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>CMS</title>
    <link rel="stylesheet" href="../assets/style.css" media="all">
</head>
<body>
    <div class="container">
        <a id="logo" href="index.php">CMS</a>

        <br>
        <br>
        <?php if (isset($error)) {?>
            <small style="color=#aa0000"> <?php echo $error ?></small>
        <br>
        <br>
        <?php } ?>

        <form method="post" action="index.php" autocomplete="off">
            <input id="" type="text" name="username" placeholder="username">
            <input id="" type="password" name="password" placeholder="username">
            <input type="submit" value="Login">
        </form>    

    </div>
</body>


<?php
}
?>
